wiredmikey writes: It’s been an interesting week in developments related to Duqu, the complex cyber-espionage malware often referred to as “Son of Stuxnet.” On Monday, Kaspersky Lab revealed details on what was a previously unknown programming language used in the “Duqu Framework”, a portion of the Payload DLL used by the Trojan to interact with Command & Control (C&C) servers after the malware infects a system.

Information on the command and control server that the sample would potentially use to connect to was not available in the new file, Thakur said. "The author(s) changed the encryption algorithm they use to encrypt the other components on disk. Also the driver was changed to evade AV coverage. That leads us to believe development of Duqu is still ongoing."

While Duqu is assumed to have been created by the same authors as Stuxnet, unlike Stuxnet, it does not contain any components that attempt to control industrial control systems, but instead is primarily a remote access Trojan (RAT) designed to collect intelligence data and assets, possibly for use in future attacks.